At the moment, the forum binds each login session to an IP address, if that session changes, you are logged out.

Would it be possible to change the way how sessions are handled to remove the binding to IP address? I use 3G internet to connect to the forum in my spare time on my laptop, and so it never remembers my session for that long since my IP address is always constantly changing, but it is the same machine.

Share this post

Link to post

Share on other sites

At the moment, the forum binds each login session to an IP address, if that session changes, you are logged out.

Would it be possible to change the way how sessions are handled to remove the binding to IP address? I use 3G internet to connect to the forum in my spare time on my laptop, and so it never remembers my session for that long since my IP address is always constantly changing, but it is the same machine.

I don't think so. It's just the way the FORUM software works.

I also have the same problem of having to log in again when I use Facebook or iTunes on my iPhone.

Share this post

Link to post

Share on other sites

At the moment, the forum binds each login session to an IP address, if that session changes, you are logged out.

Would it be possible to change the way how sessions are handled to remove the binding to IP address? I use 3G internet to connect to the forum in my spare time on my laptop, and so it never remembers my session for that long since my IP address is always constantly changing, but it is the same machine.

I second this. I realize it's probably as an extra security measure, but few sites do it and password protection should be good enough. (If an attacker stole the login cookie, they probably have the means to steal the password.)

Also, if one is behind a proxy or NAT server that rotates among multiple connections, the forum would be nearly impossible to use logged in. Though maybe those don't exist anymore, if nobody has complained about this more acute situation. (My cable Internet provider worked like this (optionally) way back in 1997.)

At the moment, the forum binds each login session to an IP address, if that session changes, you are logged out.

Would it be possible to change the way how sessions are handled to remove the binding to IP address? I use 3G internet to connect to the forum in my spare time on my laptop, and so it never remembers my session for that long since my IP address is always constantly changing, but it is the same machine.

I second this. I realize it's probably as an extra security measure, but few sites do it and password protection should be good enough. (If an attacker stole the login cookie, they probably have the means to steal the password.)

Also, if one is behind a proxy or NAT server that rotates among multiple connections, the forum would be nearly impossible to use logged in. Though maybe those don't exist anymore, if nobody has complained about this more acute situation. (My cable Internet provider worked like this (optionally) way back in 1997.)

A lot of medium sized businesses in Australia have a setup similar to that, the business gateway will rotate http requests between 2 seperate ADSL connections for load balancing to make sure all employees can get fast access to the outside world.

Prior to tethering, the forum was completely inaccessible for posting from those locations since you would be lucky to browse past the "Redirecting" pages before you got logged out.